How exactly will the proposed "Stop Online Privacy Act (SOPA)" impact the DNS infrastructure of the Internet? What are the technical and engineering problems caused by the proposed bill? How will the bill actually DECREASE our national cybersecurity?

If you want to understand the technical issues with the proposed mechanism, there are three whitepapers I would recommend for reading - and for sharing with your legislators. (I've sent the links in to my representatives.) I'd note that the first two documents were prepared back in the spring of 2011 to address the U.S. Senate's version, the PROTECT-IP Act, but the mechanism proposed in SOPA is essentially the same.

In this easy-to-read paper, the Internet Society explains why DNS filtering is not a solution, how the mechanism can be easily circumvented and how it will "not solve the problem, interfere with cross-border data flows and services, and undermine the Internet as a single, unified, global communications network." The document discusses the issues of "collateral damage" of website blockage, explains some of the non-technical issues and provides links to further resources.

This whitepaper was written by 5 of the leading DNS designers, operators and researchers and dives into significant technical depth. In particular, it looks at how the proposed DNS filtering mechanism would break the implementation of DNSSEC, a newer method being deployed to help secure the DNS infrastructure. The paper, too, addresses how easily DNS filtering can be bypassed (and provides very simple examples demonstrating this) and the security issues that come with that circumvention. It also looks at the "collateral damage" issue, the impact to content delivery networks (CDNs) and the overall impact that DNS filtering would have to the Internet.

This recent paper from Allan A. Friedman, a Fellow at the Brookings Institution, frames the SOPA/PROTECT-IP debate in terms of the impact to national cybersecurity. It again covers the issues with DNS filtering, impacts to DNSSEC, unintended consequences, etc., but does so from the point-of-view of how this will affect the cybersecurity position of the U.S., both domestically and at an international level.

All three of these papers are good to read (and share) to understand the technical weaknesses of the proposed solutions in SOPA/PROTECT-IP.

Please do pass them along so that people can understand the technical issues with these proposed solutions.

Comments

3 Whitepapers You Need To Read To Understand How SOPA Could Damage DNS And Decrease Security

How exactly will the proposed "Stop Online Privacy Act (SOPA)" impact the DNS infrastructure of the Internet? What are the technical and engineering problems caused by the proposed bill? How will the bill actually DECREASE our national cybersecurity?

If you want to understand the technical issues with the proposed mechanism, there are three whitepapers I would recommend for reading - and for sharing with your legislators. (I've sent the links in to my representatives.) I'd note that the first two documents were prepared back in the spring of 2011 to address the U.S. Senate's version, the PROTECT-IP Act, but the mechanism proposed in SOPA is essentially the same.

In this easy-to-read paper, the Internet Society explains why DNS filtering is not a solution, how the mechanism can be easily circumvented and how it will "not solve the problem, interfere with cross-border data flows and services, and undermine the Internet as a single, unified, global communications network." The document discusses the issues of "collateral damage" of website blockage, explains some of the non-technical issues and provides links to further resources.

This whitepaper was written by 5 of the leading DNS designers, operators and researchers and dives into significant technical depth. In particular, it looks at how the proposed DNS filtering mechanism would break the implementation of DNSSEC, a newer method being deployed to help secure the DNS infrastructure. The paper, too, addresses how easily DNS filtering can be bypassed (and provides very simple examples demonstrating this) and the security issues that come with that circumvention. It also looks at the "collateral damage" issue, the impact to content delivery networks (CDNs) and the overall impact that DNS filtering would have to the Internet.

This recent paper from Allan A. Friedman, a Fellow at the Brookings Institution, frames the SOPA/PROTECT-IP debate in terms of the impact to national cybersecurity. It again covers the issues with DNS filtering, impacts to DNSSEC, unintended consequences, etc., but does so from the point-of-view of how this will affect the cybersecurity position of the U.S., both domestically and at an international level.

All three of these papers are good to read (and share) to understand the technical weaknesses of the proposed solutions in SOPA/PROTECT-IP.

Please do pass them along so that people can understand the technical issues with these proposed solutions.